From a5acdeb464abf65f70e83baff8713e407d090ef0 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Dec 17 2019 09:21:15 +0000 Subject: import open-vm-tools-10.3.10-3.el8_1.1 --- diff --git a/SOURCES/ovt-End-VGAuth-impersonation-in-the-case-of-error2.patch b/SOURCES/ovt-End-VGAuth-impersonation-in-the-case-of-error2.patch new file mode 100644 index 0000000..523267b --- /dev/null +++ b/SOURCES/ovt-End-VGAuth-impersonation-in-the-case-of-error2.patch @@ -0,0 +1,106 @@ +From 44f00e9dc569e7ec89251b415e156df0cb59ea07 Mon Sep 17 00:00:00 2001 +From: Cathy Avery +Date: Tue, 19 Nov 2019 14:16:05 +0100 +Subject: [PATCH 2/3] End VGAuth impersonation in the case of error. + +RH-Author: Cathy Avery +Message-id: <20191119141606.5322-3-cavery@redhat.com> +Patchwork-id: 92512 +O-Subject: [RHEL8.1.z open-vm-tools PATCH 2/3] End VGAuth impersonation in the case of error. +Bugzilla: 1773903 +RH-Acked-by: Vitaly Kuznetsov +RH-Acked-by: Miroslav Rezanina + +commit 7b874f37f970aab2adddb063a8363594f47abf70 +Author: Oliver Kurth +Date: Tue Sep 4 15:40:58 2018 -0700 + + End VGAuth impersonation in the case of error. + + * In GuestAuthPasswordAuthenticateImpersonate(): + When VGAuth_UserHandleAccessToken fails, unimpersonation is not + being done. This can cause issues. Fixed it. + + * In GuestAuthSAMLAuthenticateAndImpersonate(), fixed the following issues: + The 'newHandle' is not being freed which causes a memory leak. + When VGAuth_UserHandleAccessToken fails, unimpersonation is not + being done. + +Signed-off-by: Cathy Avery + +Conflicts: There was previously a parital port of this patch +commit 65f14ca791ac6636ad7d8a3d59941e52a5e3188c of coverity fixes only. + +Signed-off-by: Miroslav Rezanina +--- + services/plugins/vix/vixTools.c | 19 +++++++++++++++++++ + 1 file changed, 19 insertions(+) + +diff --git a/services/plugins/vix/vixTools.c b/services/plugins/vix/vixTools.c +index 2d60b86..7df91de 100644 +--- a/services/plugins/vix/vixTools.c ++++ b/services/plugins/vix/vixTools.c +@@ -11552,6 +11552,7 @@ GuestAuthPasswordAuthenticateImpersonate( + VGAuthError vgErr; + VGAuthUserHandle *newHandle = NULL; + VGAuthExtraParams extraParams[1]; ++ Bool impersonated = FALSE; + + extraParams[0].name = VGAUTH_PARAM_LOAD_USER_PROFILE; + extraParams[0].value = VGAUTH_PARAM_VALUE_TRUE; +@@ -11587,6 +11588,8 @@ GuestAuthPasswordAuthenticateImpersonate( + goto done; + } + ++ impersonated = TRUE; ++ + #ifdef _WIN32 + // this is making a copy of the token, be sure to close it + vgErr = VGAuth_UserHandleAccessToken(ctx, newHandle, userToken); +@@ -11606,6 +11609,10 @@ done: + Util_ZeroFreeString(password); + + if (VIX_OK != err) { ++ if (impersonated) { ++ vgErr = VGAuth_EndImpersonation(ctx); ++ ASSERT(vgErr == VGAUTH_E_OK); ++ } + VGAuth_UserHandleFree(newHandle); + newHandle = NULL; + } +@@ -11646,6 +11653,7 @@ GuestAuthSAMLAuthenticateAndImpersonate( + VGAuthError vgErr; + VGAuthUserHandle *newHandle = NULL; + VGAuthExtraParams extraParams[1]; ++ Bool impersonated = FALSE; + + extraParams[0].name = VGAUTH_PARAM_LOAD_USER_PROFILE; + extraParams[0].value = VGAUTH_PARAM_VALUE_TRUE; +@@ -11737,6 +11745,8 @@ impersonate: + goto done; + } + ++ impersonated = TRUE; ++ + #ifdef _WIN32 + // this is making a copy of the token, be sure to close it + vgErr = VGAuth_UserHandleAccessToken(ctx, newHandle, userToken); +@@ -11755,6 +11765,15 @@ done: + Util_ZeroFreeString(token); + Util_ZeroFreeString(username); + ++ if (VIX_OK != err) { ++ if (impersonated) { ++ vgErr = VGAuth_EndImpersonation(ctx); ++ ASSERT(vgErr == VGAUTH_E_OK); ++ } ++ VGAuth_UserHandleFree(newHandle); ++ newHandle = NULL; ++ } ++ + return err; + #else + return VIX_E_NOT_SUPPORTED; +-- +1.8.3.1 + diff --git a/SOURCES/ovt-Fix-leaks-in-ListAliases-and-ListMappedAliases-9bc72.patch b/SOURCES/ovt-Fix-leaks-in-ListAliases-and-ListMappedAliases-9bc72.patch new file mode 100644 index 0000000..b0e7325 --- /dev/null +++ b/SOURCES/ovt-Fix-leaks-in-ListAliases-and-ListMappedAliases-9bc72.patch @@ -0,0 +1,87 @@ +From 54da2ccfa99000a62f22820a3702331bbd131077 Mon Sep 17 00:00:00 2001 +From: Cathy Avery +Date: Tue, 19 Nov 2019 14:16:06 +0100 +Subject: [PATCH 3/3] Fix leaks in ListAliases and ListMappedAliases + (9bc72f0b09702754b429115658a85223cb3058bd from devel) + +RH-Author: Cathy Avery +Message-id: <20191119141606.5322-4-cavery@redhat.com> +Patchwork-id: 92513 +O-Subject: [RHEL8.1.z open-vm-tools PATCH 3/3] Fix leaks in ListAliases and ListMappedAliases (9bc72f0b09702754b429115658a85223cb3058bd from devel) +Bugzilla: 1773903 +RH-Acked-by: Vitaly Kuznetsov +RH-Acked-by: Miroslav Rezanina + +commit 26b9edbeb79d1c67b9ae73a0c97c48999c1fb503 (origin/stable-10.3.10-vix-memory-leaks) +Author: Oliver Kurth +Date: Wed Oct 2 17:48:35 2019 -0700 + + Fix leaks in ListAliases and ListMappedAliases (9bc72f0b09702754b429115658a85223cb3058bd from devel) + +Signed-off-by: Cathy Avery + +Conflicts: Previous coverity patch commit d477b6e21915d5099018f4fc4b60f257bb593d72 +Signed-off-by: Miroslav Rezanina +--- + services/plugins/vix/vixTools.c | 10 ++++++++-- + 1 file changed, 8 insertions(+), 2 deletions(-) + +diff --git a/services/plugins/vix/vixTools.c b/services/plugins/vix/vixTools.c +index 7df91de..2b9dede 100644 +--- a/services/plugins/vix/vixTools.c ++++ b/services/plugins/vix/vixTools.c +@@ -9620,7 +9620,6 @@ VixToolsListAuthAliases(VixCommandRequestHeader *requestMsg, // IN + char *destPtr; + char *endDestPtr; + char *tmpBuf = NULL; +- char *recordBuf; + size_t recordSize; + char *escapedStr = NULL; + char *escapedStr2 = NULL; +@@ -9679,6 +9678,8 @@ VixToolsListAuthAliases(VixCommandRequestHeader *requestMsg, // IN + destPtr += Str_Sprintf(destPtr, endDestPtr - destPtr, "%s", + VIX_XML_ESCAPED_TAG); + for (i = 0; i < num; i++) { ++ char *recordBuf = NULL; ++ + escapedStr = VixToolsEscapeXMLString(uaList[i].pemCert); + if (escapedStr == NULL) { + err = VIX_E_OUT_OF_MEMORY; +@@ -9752,6 +9753,8 @@ VixToolsListAuthAliases(VixCommandRequestHeader *requestMsg, // IN + Log("%s: ListAuth list results too large, truncating", __FUNCTION__); + goto abort; + } ++ free(recordBuf); ++ recordBuf = NULL; + } + + *result = resultBuffer; +@@ -9817,7 +9820,6 @@ VixToolsListMappedAliases(VixCommandRequestHeader *requestMsg, // IN + char *destPtr; + char *endDestPtr; + char *tmpBuf = NULL; +- char *recordBuf; + char *escapedStr = NULL; + char *escapedStr2 = NULL; + size_t recordSize; +@@ -9870,6 +9872,8 @@ VixToolsListMappedAliases(VixCommandRequestHeader *requestMsg, // IN + destPtr += Str_Sprintf(destPtr, endDestPtr - destPtr, "%s", + VIX_XML_ESCAPED_TAG); + for (i = 0; i < num; i++) { ++ char *recordBuf = NULL; ++ + escapedStr = VixToolsEscapeXMLString(maList[i].pemCert); + if (escapedStr == NULL) { + err = VIX_E_OUT_OF_MEMORY; +@@ -9941,6 +9945,8 @@ VixToolsListMappedAliases(VixCommandRequestHeader *requestMsg, // IN + Log("%s: ListMapped results too large, truncating", __FUNCTION__); + goto abort; + } ++ free(recordBuf); ++ recordBuf = NULL; + } + + *result = resultBuffer; +-- +1.8.3.1 + diff --git a/SOURCES/ovt-Fix-memory-leaks-in-vix-tools-plugin.patch b/SOURCES/ovt-Fix-memory-leaks-in-vix-tools-plugin.patch new file mode 100644 index 0000000..b7537c0 --- /dev/null +++ b/SOURCES/ovt-Fix-memory-leaks-in-vix-tools-plugin.patch @@ -0,0 +1,102 @@ +From af8a6eab2759aafeffc5ae47aed33492eb092b51 Mon Sep 17 00:00:00 2001 +From: Cathy Avery +Date: Tue, 19 Nov 2019 14:16:04 +0100 +Subject: [PATCH 1/3] Fix memory leaks in 'vix' tools plugin. + +RH-Author: Cathy Avery +Message-id: <20191119141606.5322-2-cavery@redhat.com> +Patchwork-id: 92511 +O-Subject: [RHEL8.1.z open-vm-tools PATCH 1/3] Fix memory leaks in 'vix' tools plugin. +Bugzilla: 1773903 +RH-Acked-by: Vitaly Kuznetsov +RH-Acked-by: Miroslav Rezanina + +commit 015db4c06a8be65eb96cf62421e8b5366993452f +Author: Oliver Kurth +Date: Wed Aug 29 13:29:45 2018 -0700 + + Fix memory leaks in 'vix' tools plugin. + + * vix plugin retrieves the power script file paths from the + config file but doesn't free them and this causes a memory leak. + Fixed the code to free the filepaths. + + * In GuestAuthPasswordAuthenticateImpersonate function, the VGAuth + handle is not freed when the impersonation fails. Fixed the + code to call VGAuth_UserHandleFree in the error path. + + Note: I executed one guest operation with wrong credentials. + Every failure leaks 75 bytes of memory. (in Centos 64-bit VM) + + * Fixed another minor issue in the code. At couple of places in + the code, replaced 'err' with 'vgErr' for storing the return value + of VGAuth_UserHandleAccessToken. + +Signed-off-by: Cathy Avery +Signed-off-by: Miroslav Rezanina +--- + services/plugins/vix/vixTools.c | 20 ++++++++++++++------ + 1 file changed, 14 insertions(+), 6 deletions(-) + +diff --git a/services/plugins/vix/vixTools.c b/services/plugins/vix/vixTools.c +index ef26742..2d60b86 100644 +--- a/services/plugins/vix/vixTools.c ++++ b/services/plugins/vix/vixTools.c +@@ -2522,10 +2522,10 @@ VixTools_GetToolsPropertiesImpl(GKeyFile *confDictRef, // IN + char *guestName; + int osFamily; + char *packageList = NULL; +- const char *powerOffScript = NULL; +- const char *powerOnScript = NULL; +- const char *resumeScript = NULL; +- const char *suspendScript = NULL; ++ char *powerOffScript = NULL; ++ char *powerOnScript = NULL; ++ char *resumeScript = NULL; ++ char *suspendScript = NULL; + char *osName = NULL; + char *osNameFull = NULL; + Bool foundHostName; +@@ -2726,6 +2726,10 @@ abort: + free(tempDir); + free(osName); + free(osNameFull); ++ free(suspendScript); ++ free(resumeScript); ++ free(powerOnScript); ++ free(powerOffScript); + #else + /* + * FreeBSD. We do not require all the properties above. +@@ -11585,7 +11589,7 @@ GuestAuthPasswordAuthenticateImpersonate( + + #ifdef _WIN32 + // this is making a copy of the token, be sure to close it +- err = VGAuth_UserHandleAccessToken(ctx, newHandle, userToken); ++ vgErr = VGAuth_UserHandleAccessToken(ctx, newHandle, userToken); + if (VGAUTH_FAILED(vgErr)) { + err = VixToolsTranslateVGAuthError(vgErr); + goto done; +@@ -11601,6 +11605,10 @@ done: + free(username); + Util_ZeroFreeString(password); + ++ if (VIX_OK != err) { ++ VGAuth_UserHandleFree(newHandle); ++ newHandle = NULL; ++ } + return err; + #else + return VIX_E_NOT_SUPPORTED; +@@ -11731,7 +11739,7 @@ impersonate: + + #ifdef _WIN32 + // this is making a copy of the token, be sure to close it +- err = VGAuth_UserHandleAccessToken(ctx, newHandle, userToken); ++ vgErr = VGAuth_UserHandleAccessToken(ctx, newHandle, userToken); + if (VGAUTH_FAILED(vgErr)) { + err = VixToolsTranslateVGAuthError(vgErr); + goto done; +-- +1.8.3.1 + diff --git a/SPECS/open-vm-tools.spec b/SPECS/open-vm-tools.spec index 7696902..6ae80f5 100644 --- a/SPECS/open-vm-tools.spec +++ b/SPECS/open-vm-tools.spec @@ -28,7 +28,7 @@ Name: open-vm-tools Version: %{toolsversion} -Release: 3%{?dist} +Release: 3%{?dist}.1 Summary: Open Virtual Machine Tools for virtual machines hosted on VMware Group: Applications/System License: GPLv2 @@ -71,6 +71,12 @@ Patch15: ovt-copyPasteCompatX11.c-code-generating-unnecessary-Cov.patch Patch16: ovt-Fix-a-Coverity-issue-reported-in-vgauth-serviceImpl-.patch # For bz#1602648 - [ESXi][RHEL8]Please review important issues found by covscan in "open-vm-tools-10.2.5-2.el8+7" package Patch17: ovt-Fix-two-coverity-issues-reported-by-a-customer.patch +# For bz#1773903 - [ESXi][RHEL8.0]Need to backport some severe memory leak fixes from upstream [rhel-8.1.0.z] +Patch18: ovt-Fix-memory-leaks-in-vix-tools-plugin.patch +# For bz#1773903 - [ESXi][RHEL8.0]Need to backport some severe memory leak fixes from upstream [rhel-8.1.0.z] +Patch19: ovt-End-VGAuth-impersonation-in-the-case-of-error2.patch +# For bz#1773903 - [ESXi][RHEL8.0]Need to backport some severe memory leak fixes from upstream [rhel-8.1.0.z] +Patch20: ovt-Fix-leaks-in-ListAliases-and-ListMappedAliases-9bc72.patch BuildRequires: autoconf BuildRequires: automake @@ -179,6 +185,9 @@ machines. %patch15 -p1 %patch16 -p1 %patch17 -p1 +%patch18 -p1 +%patch19 -p1 +%patch20 -p1 %build # Required for regenerating configure script when @@ -349,6 +358,13 @@ fi %{_bindir}/vmware-vgauth-smoketest %changelog +* Fri Nov 22 2019 Miroslav Rezanina - 10.3.10-3.el8_1_0.1 +- ovt-Fix-memory-leaks-in-vix-tools-plugin.patch [bz#1773903] +- ovt-End-VGAuth-impersonation-in-the-case-of-error2.patch [bz#1773903] +- ovt-Fix-leaks-in-ListAliases-and-ListMappedAliases-9bc72.patch [bz#1773903] +- Resolves: bz#1773903 + ([ESXi][RHEL8.0]Need to backport some severe memory leak fixes from upstream [rhel-8.1.0.z]) + * Thu Aug 01 2019 Miroslav Rezanina - 10.3.10-3 - ovt-End-VGAuth-impersonation-in-the-case-of-error.patch [bz#1602648] - ovt-Fix-memory-leak-in-GetFormattedCommandLine-function-.patch [bz#1602648]